This section provides background information related to the present disclosure which is not necessarily prior art.
Historically, identity federation has been accomplished using a web service proxy server and not directly from a web application. The web service proxy server used a variety of mechanisms to obtain detailed profile and fine grain access (FGA) information about a user of a web application. The variety of mechanisms included headers with a user's identification and web services or databases. This required web application developers to become familiar with and accommodate a variety of vendor specific security tokens, distracting the developers from the main purpose or business functions of the web application. FIG. 1 shows an example prior art system where an authentication proxy server 2, in an edge network provided by a content delivery service provider, receives access request from users of browsers 3 over communication paths 4. The authentication proxy server 2 then sends a user identification or a vendor specific token in an HTTP header to each appropriate application server 5 over communication path 6. This requires each application developer to provide each consuming web application with the proper security access code and procedures. The web applications also require someone to maintain a continuing knowledge of web security access changes and update each web application to accommodate such changes. The system of FIG. 1 also resulted in the HTTP header token becoming too large and difficult to handle.
Corresponding reference numerals indicate corresponding parts throughout the several views of the drawings.